LulzSec: How NOT To Run An Insurgency

LulzSec seems to be imploding a bit under the pressure put on them by their own interpersonal issues, as well as by the likes of Th3j35t3r and the Web Ninjas on their backs. I, however, would like to point out the Lulz tactical failures that are directly leading to their ultimate party van special that seems to be coming soon. I say ‘seems’ to be coming because who really knows what will happen. Perhaps some of these guys will actually skate because they were smart enough to keep some of their personal details.. well.. personal.. Maybe not though, as is evidenced by the ‘doxing pastebin-palooza’ of late.

Secrecy is important:

LulzSec seems to have misunderstood that secrecy is really, really important when you are doing something like a digital insurgency. Sure, you can try to rely on technologies like proxies to hide your IP, but you also have the human element to contend with. It is here that the Lulz have not thought things out too clearly. They attempted to use the Anonymous model but, unlike Anonymous, they had a smaller crew and a central core that, well, has been rather chatty. Chatty, mind you, on IRC channels that have been compromised and monitored.

Loose lips sink ships.. Yeah, I went there…

Nope, while LulzSec has been attempting to be secret, they failed to follow through and actually carry out their insurgency behind a wall of utter secrecy, or even a cell-based infrastructure, it seems. Of course, most of these efforts have been planned out and talked about on said IRC channels (even the sooper sekret ones) and advertised so others could revel in the lulz.

This and the other things I am going to mention will be their undoing.

Communications Should be COVERT:

Ok, so, how long did Osama have runners with USB keys on donkeys going to Peshawar Internet cafes without being caught? Oh, yeah, 10 friggin years! It took the CIA a long time to catch on to the runners/couriers, and even then they did so only from a VERY FEW pieces of hard SIGINT. The key here, kids, is that the AQ guys were practising ‘tradecraft’, unlike the LulzSec kids. They took pains to ensure that their communications were not easily picked up by the NSA or anyone else listening and watching.

You guys in Lulzsec? Not so much….

Instead, you have relied on technology to keep you safe while flagrantly whipping out your collective pee pees and waving them at forces who are much better equipped, trained, and funded to hunt you down and make you go bye bye. Some might see that as daring… Others see it as just plain stupid. Either way, since you have failed to use real covert channels that you do not advertise, you have greatly increased the likelihood that you will soon see those party vans you speak of so often (mockingly) in your yards as they start taking all your computers out the door, and you to the local orange jump suit palace.

Next time, just have your meetings in the parking lot of the local PD. It will cut out the middle man.

Ego is the mind killer:

I must not have too much Ego. Ego is the mind-killer. Ego is the little-death that brings total obliteration. I will face my Ego. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the Ego has gone there will be nothing. Only I will remain.

Ah yes, I have been ruminating on this one for some time and even adjusted this quote from Dune, which I think fits nicely. Your egos have been writing checks that you aren’t likely to want to have cashed, kids. You have said that you do it for the lulz, and you have also made intimations that it’s about how poor security is within the internet ecology, but I think your motivations have mainly been ego driven. What this means is that you are getting quite the buzz off of being so darn smart and snarky. You have been having fun poking the badgers in the eyes and feeling invincible.

Well, you aren’t geniuses and you aren’t invincible. Eventually everyone gets caught, especially those who do not take care to cover their tracks and act smartly.

Simply, your egos have done you in… Be sure to check that ego at the door to the federal penitentiary that will be your new home, because there are bigger and nastier people in there who will be trading you for smokes soon. Oh, and remember to buy a lot of Tucks pads.. You are going to need them.

Untrustworthy Assets Should NOT be Trusted With Operational Details:

This brings me to the bust of your minimally affiliated IRC op Ryan. It seems from all of the press, and from the kid’s history, that he was unstable to start. This is the guy you want to trust with any data, no matter how small, on who LulzSec is and how they operate?

Really?

Well then, who else do you have running your servers and running errands? Because I think they are likely to be just as whacked as Ryan and likely to be caught and roll within the first few minutes of interrogation!

Bravo, well done!

If you guys had any operational smarts, you would know that you cannot trust anyone with the whole picture. You pretty much are claiming that now after his arrest, but I think secretly you are all leaving fudge stains in your pants presently. According to the police, Ryan had A LOT of data lying around, and how are you to know who he talked to and how much he really knew about you all? Even IF you tried to be as careful as possible, you more than likely slipped up and gave him information that he will be giving.. Nope.. wait.. HAS GIVEN to the FBI and the Met.

Another failure on your part in the game of insurgency… I guess you will learn the hard way. Just as you will learn that outing your pals yourselves because they decided they wanted out, or did something to piss you off, will only lead back to you. Not the smartest of moves should any of these guys have data on you that they can use to turn against you.

“Never burn an asset unless you burn them and then shoot them between the eyes.. Or they will come back at you”

LulzSec Fall Down.. Go BOOM:

Finally, as if you could not tell from everything I said above, you are going to go down and likely go down hard. It will be a learning experience for you and for everyone else who wants to let their ego run free to gather 220K followers on Twitter by poking the badger. I am imagining that Ryan and his volumes of digital data are being disseminated throughout the community of Feds and other agencies as I write…

Oh well, like I said, there’s daring and then there is stupid… Remember what John Keating said in “Dead Poets”:

“Phone call from God. If it had been collect, that would have been daring!”

Be seeing you soon as you’re being put in the back of the party van, kids…

8 Responses

Meh. At least now I know a lot of people are willing to stir shit up.
Lulzsec and the likes getting caught? I don’t know, so far the only arrests that I’ve seen were this Ryan kid and a 16-year-old boy in the Netherlands. That, and http://www.examiner.com/anonymous-in-national/fbi-lulzsec-server-takedown-fails makes me think the people that are after them are just as incompetent as Lulzsec is at being discreet.

Not that I care if they get arrested though. Lulz were had, info was spread and they will be remembered!

Piece would have been more interesting if you had given more concrete examples of what happened. Where/who were the breakdowns, besides Ryan? What issues led to the breakdowns? If personality clashes, between who? You don’t even mention that they used the same nicks in multiple places, increasing the chances of getting doxed.

“at forces who are much better equipped, trained, and funded to hunt you down and make you go bye bye.”

This is a very salient point, particularly if you factor in the FBI and CIA’s dislike of being made to look silly. They don’t like that at all. No no no.

And, with the budgets courtesy of the US Gov’t and tools and resources from the NSA at their disposal, I too think that LulzSec’s ego and badger poking will be their downfall. Maybe not all, but I’ll wager there’ll be more to follow.